Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Regulations. Show all posts

Blue Cross Customers at Risk: Sobeys Hack Exposes Personal Data in Latest Breach


The Rising Threat of Data Breaches: An Overview of Recent Incidents

Blue Cross, a Canadian insurance organisation, has recently alerted its customers about a possible data breach resulting from a cyberattack that occurred at Sobeys, a famous Canadian grocery chain. The attack is believed to have leaked the personal info of Blue Cross customers who had used their Blue Cross coverage to buy medications from Sobeys pharmacies.

As per the announcement by Blue Cross, the attack happened in late January of 2023, and experts found in early February. The attack is said to have impacted around 100,000 Blue Cross customers in total. The data that was potentially leaked includes names, addresses, contact number, date of birth, and medication details.

Blue Cross Customers Alerted to Sobeys Data Breach: What You Need to Know

This recent attack is just the latest in a series of high-profile breaches that have happened in recent times, this includes the massive Equifax breach in 2017 that leaked the personal info of millions of people, and the Target breach in 2013 that disrupted the credit and debit card data of 40 million customers.

The rise in numbers and threat levels of these breaches show the immediate need for robust cybersecurity initiatives and rules to safeguard personal data. Organizations must take measures to make sure that their devices are safe and that they are able to find and combat potential breaches quickly. This will require investing in state-of-the-art security tech, performing frequent security checks, and training employees to identify and respond to potential security threats.

Preventing Data Breaches: Best Practices for Companies to Protect Customer Data

Companies should also be transparent and honest with their customers about any potential breaches that may have happened. This lets customers take steps to protect themselves, such as changing their passwords or looking for  suspicious activities. In Blue Cross breach incident, the company has given its impacted customers one year of free credit monitoring and identity theft protection services.

But it is clear that these steps are not enough to stop breaches from happening in the first place. There is a an urgent for stricter rules and penalties for organizations that don't protect their customers' information. The Canadian government recently brought a new law, the Digital Charter Implementation Act, which will strengthen privacy protections and charge fines of up to 5% of a firm's global revenue for violating the law.

The Importance of Stronger Regulations: Why We Need Stricter Cybersecurity Laws to Combat Data Breaches

While these rules are a step towards the right direction, alot more needs to be done to make sure that organizations are held responsible for the security of their customers' information. This will include greater surveillance and enforcement by regulatory bodies, along with public education and awareness initiatives to help users protect themselves online.

In the end, the recent attack on Blue Cross and other recent breaches serve as a wake-up call for both companies and individuals. It is important that people take steps to secure their own information, like using strong passwords, implementing 2FA (two-factor authentication), and checking their credit reports. The  companies should also take accountability steps to protect  their customers' information and to invest in the needed cybersecurity measures to protect breaches from occurring. 


Britain Government With Robust Crypto Regulation

The department of Britain’s finance ministry came with robust regulations for crypto assets, following the collapse of the crypto exchange FTX last year in which millions of people lost billions of dollars. 
However, regulation of crypto-assets could create a one-sized approach that could hinder innovation.

The treasury department published a consultation document today, to bring cryptocurrency-related activities under the ambit of governing traditional financial services. 

The ministers said that the new regulations will "mitigate the most significant risks of crypto assets while harnessing their advantages". As per the data from ministers, up to 10% of UK adults now own some form of crypto. 

The government is planning to use existing rules and regulations for the industry, rather than creating a whole new regime. The Treasury Department reported regarding the regulations that it will allow crypto to benefit from the "confidence, credibility and regulatory clarity" of the existing system for financial services, as set out in the UK's Financial Services and Markets Act 2000 (FSMA). 

Economic Secretary Andrew Griffith reported that the government remained "steadfast in our commitment to grow the economy and enable technological change and innovation - and this includes crypto-asset technology. But we must also protect consumers who are embracing this new technology - ensuring robust, transparent, and fair standards". 

The Treasury Department proposed in its consultation document the following: 

1. It will make laws and regulations on crypto-asset promotions which will be fair, clear, and not misleading. 

2. It will also enhance data-reporting requirements, including with regulators. 

3. Furthermore, it will implement new laws to stop so-called pump and dump, or lie and sell high where an individual artificially inflates the value of a crypto asset before selling it. 

Conservative MP Harriett Baldwin, who chairs the Treasury Committee, said, "truly Wild West behavior, valuable technological innovation happening that could benefit the UK economy". We are paying close attention to these plans and to the regulators' plans because we would not want our constituents to think cryptocurrencies are any less risky if they are regulated".

Binance Head Plans to Design Recovery Funds for Struggling Crypto Businesses

 

Changpeng Zhao, the founder of Binance, the world's largest cryptocurrency exchange, has called for more regulation of the cryptocurrency industry. 

Zhao was speaking at a conference in Bali, Indonesia, attended by leaders of the G20 group of nations. His comments came as the tension rose from the collapse of rival firm FTX, founded by Sam Bankman-Fried. The crypto exchange filed for bankruptcy last week after customers rushed to withdraw $6 billion in crypto tokens in just 72 hours. 

According to Zhao, there are some bad players in the industry who are specifically targeting struggling crypto enterprises that do not have enough cash or assets to cover their immediate requirements. To ensure a smooth pathway, he announced plans for a recovery that would reduce the threat of "cascading negative effects" following FTX's collapse. 

“So, but the regulators do have a role. We do need slightly more, we do need to increase the clarity of regulations, and the sophistication of regulations in the crypto space,” Zhang stated. “So, over the last week, there’s so much turmoil in our industry. But I want everybody to understand that that’s not reflective of everything in the industry. The industry goes through ups and downs. We have one, or maybe worse players in the industry, but the is still growing, so we’re still building.” 

Irreparable Damage 

The FTX's sudden collapse has also eroded confidence in the digital asset market as a whole. Even the most established digital currency, Bitcoin, hit a two-year low following trouble at FTX. The crypto token was trading at around $16,000 on Monday, having witnessed a fall of nearly 22% last week. 

In a statement earlier this week, the Royal Bahamas Police said they were looking into whether any "criminal misconduct occurred" at FTX. That's after Reuters reported that at least $1 billion of user funds had vanished from the crypto platform. 

According to Reuters sources, Sam Bankman-Fried had transferred $10 billion of customer funds to his trading firm, Alameda Research. 

FTX shifted its headquarters last year in September from Hong Kong to the crypto-friendly Bahamas. Bankman-Fried stated at the time that the Caribbean tax haven had more regulator leverage than the Asian city and was a perfect spot to run business.

UK Foreign Office Suffered ‘Serious Cyber Security Incident’

 

A "serious incident" compelled the Foreign Office of the United Kingdom to seek immediate cybersecurity assistance. A recently released public tender document confirmed the incident. According to a document released on February 4, the Foreign, Commonwealth and Development Office (FCDO) sought "urgent business support" from its cybersecurity contractor, BAE Applied Intelligence, 

The FCDO paid the company £467,325.60 — about $630,000 — for its services after issuing a contract for "business analyst and technical architect support to assess an authority cyber security incident" on January 12, 2022, according to the notice. However, the incident's facts, which had not previously been made public, remain unknown. 

The document stated, “The Authority was the target of a serious cyber security incident, details of which cannot be disclosed. In response to this incident, urgent support was required to support remediation and investigation. Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation.” 

The Stack was the first to report on the BAE contract. According to an FCDO's spokesperson who did not give their name stated that the office does not comment on security but has measures in place to detect and protect against potential cyber events. Further queries about the incident, such as whether classified information was accessed, were declined by the spokesperson. 

TechCrunch also contacted the United Kingdom's data protection authority to see if the event had been reported, but is yet to hear back. The announcement of the apparent incident came only days after the British Council, an institution that specialises in international cultural and educational opportunities, was found to have suffered a severe security breach. Clario researchers discovered 144,000 unencrypted files on an unsecured Microsoft Azure storage server, including the personal and login information of British Council students. 

Following an investigation by the UK's National Cyber Security Center, Wilton Park, a Sussex-based executive agency of the FCDO, was hit by a cyberattack in December 2020, which revealed that hackers had access to the agency's systems for six years, though there was no proof that data had been stolen.